[Bug 280035] net/krill: Update to version 0.14.5

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280035

            Bug ID: 280035
           Summary: net/krill: Update to version 0.14.5
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://nlnetlabs.nl/news/2024/Jun/27/krill-0.13.2-0.1
                    4.5-released/
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: jaap@NLnetLabs.nl
 Attachment #251743 maintainer-approval+
             Flags:

Created attachment 251743
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=251743&action=edit
Patch to update

This fixes an issue that causes Krill to panic if a CA with
multiple parents and children have one of their parents removed, causing
the children to try and revoke their certificates for that parent. This
is relevant for Krill instances under NIC.br that themselves have
children.

In addition, the releases update the HTTP library to avoid a possible
denial-of-service attack described in RUSTSEC-2024-0332. If you are
exposing Krill’s HTTP server directly to the Internet without a reverse
proxy such as Nginx in between, we advise you to update at your earliest
convenience.

Version 0.14.5 in addition fixes an issue with encoding empty CRLs and
empty RRDP deltas as well as a possible freeze when trying to access the
RIS data while it is being downloaded. It also adds support for
overriding the manifest number for trust anchor CAs.

The complete list of changes can be found in the release notes at
https://github.com/NLnetLabs/krill/releases/tag/v0.14.5

-- 
You are receiving this mail because:
You are the assignee for the bug.